CN102474666A - Information processing device, information processing method, operation terminal, and information processing system - Google Patents

Information processing device, information processing method, operation terminal, and information processing system Download PDF

Info

Publication number
CN102474666A
CN102474666A CN2010800342136A CN201080034213A CN102474666A CN 102474666 A CN102474666 A CN 102474666A CN 2010800342136 A CN2010800342136 A CN 2010800342136A CN 201080034213 A CN201080034213 A CN 201080034213A CN 102474666 A CN102474666 A CN 102474666A
Authority
CN
China
Prior art keywords
key
request
safe class
transmitted power
storage area
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2010800342136A
Other languages
Chinese (zh)
Inventor
森冈裕一
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sony Corp
Original Assignee
Sony Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sony Corp filed Critical Sony Corp
Publication of CN102474666A publication Critical patent/CN102474666A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/4104Peripherals receiving signals from specially adapted client devices
    • H04N21/4126The peripheral being portable, e.g. PDAs or mobile phones
    • H04N21/41265The peripheral being portable, e.g. PDAs or mobile phones having a remote control device for bidirectional communication between the remote control device and client device
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/4367Establishing a secure communication between the client and a peripheral device or smart card
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/047Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. TPC [Transmission Power Control], power saving or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0212Power saving arrangements in terminal devices managed by the network, e.g. network or access point is master and terminal is slave
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

Provided is a new and improved technology that enables an information processing device to posses the right to determine the degree of safety-strength in communication between an operation terminal and the information processing device, in an information processing system wherein a key is divided, according to the number the key is to be divided into specified by the operation terminal, and returned by the information processing system. The information processing device (100) is provided with: a security-level determining unit (133) that determines the security level upon transmitting the keys to the operation terminal, as a transmission security level; a transmission-power determining unit (134) that determines transmission power according to the transmission security level, and the number the key is to be divided into, which is included in key-transmission requests; a key obtaining unit (135) that obtains each of the divided keys by dividing the key with the number the key is to be divided into; and a transmission unit (160) that transmits each of the divided keys obtained by the key obtaining unit (135), to the operation terminal with a radio signal, using the transmission power determined by the transmission power determining unit (134).

Description

Information processor, information processing method, operating terminal and information processing system
Technical field
The present invention relates to information processor, information processing method, operating terminal and information processing system.
Background technology
In recent years, RF (radio frequency) remote controller is used widely, and it can handle information processor according to carrying out from user's indication through to sending radio wave such as information processors such as television sets.In addition, each tissue has carried out making the standardized trial of RF remote control.
For example, according to near-field communication standard IEEE (registered trade mark) (IEEE) 802.15.4, ZigBee (registered trade mark) is standardized as corresponding network layer, safe floor and the application layer in upper strata with IEEE (registered trade mark) 802.15.4.The ZigBee of version 1.0 (registered trade mark) supports the standard of ZigBee (registered trade mark).As the standard of physical layer and MAC (medium control of azimuth layer), accomplished IEEE (registered trade mark) 802.15.4 in ieee standard association.
In addition, based on IEEE (registered trade mark) 802.15.4, RF remote control standard ZigBee (registered trade mark) RF4CE (radio frequency that is used for consumption electronic product) v1.0 standard is by trade organization's standardization.According to this standard, in order to prevent to be input to operation information in the remote controller by being read and abuse, between the desired information processor of remote controller and user, share key (encryption key) such as neighbours' grade in an imperial examination three groups by the user.Key mainly is to use during to television set transmit operation information, credit card information etc. from remote controller, and works with the mode that the 3rd group of not knowing this key can not intercept and capture those information.
Receiving when sending request from the key of remote controller (hereinafter is also referred to as " operating terminal "); Information processor such as TV etc. sends the key element that is called the key segment to remote controller, and wherein the number of key segment equals to send the key of being write in the request at key and cuts apart number (key-dividing number) (segment number).The remote controller that has received the key segment carries out the step-by-step XOR of all elements, and obtains final key.Usually; The supervisor who separates with information processor and remote controller, do not have desirable being sent out/be received the radio wave trajectory, and therefore can not inerrably receive those whole key segments and can not receive key with information processor or remote controller at the opposite side of wall etc.
Disclose and be used to generate key segment and the various technology (for example, the referenced patent document 1) of sending the key segment that is generated.
Reference listing
Patent documentation
Patent documentation 1:JP2009-55402A
Summary of the invention
Technical problem
Yet remote controller confirms that key cuts apart in the above-mentioned technology of number therein, and supervisor B receives key segment failed probability and depends on that the key of confirming at the remote controller end cuts apart number.That is, we can say that communication security intensity between remote controller and the information processor cuts apart number according to key and confirm.Yet, cut apart number in response to such as conserve batteries or reduce demands such as amount of calculation and keep under the less situation at key, existence can not be kept the problem of the communication security in the remote controller.In addition, in practice, normally information processor is being grasped the significance level of the operation information that the user imports, and has unbalanced problem takes place on the right of confirming security intensity.
Therefore; Be conceived to above problem and accomplished the present invention; And the objective of the invention is to; Therein key cut apart according to the key of operating terminal regulation that number is cut apart and the information processing system returned by messaging device in, a kind of improvement technology of novelty is provided, it makes the messaging device security intensity of communicating by letter between decision terminal and the messaging device of can having the right.
The solution of problem
According to aspects of the present invention, to achieve these goals, a kind of information processor is provided, it comprises: storage area, its storage are used to encrypt or the key of data decryption; Receiving unit, its receive from operating terminal, via wireless signal, comprise that key cuts apart the key of number and send request; Key sends the acquisition request part, and it obtains key and sends request from the wireless signal that is obtained by receiving unit; Safe class is confirmed part, and it confirms as the transmission safe class with the safe class when operating terminal sends key; Transmitted power is confirmed part, and it sends the key that key that acquisition request partly obtains sends in the request by key and cut apart number according to being confirmed the transmission safe class that part is confirmed by safe class and being included in, and confirms transmitted power; Key obtains part, and it is divided into key and cuts apart number, obtain each key segment through being stored in key in the storage area; And transmitting section, it is confirmed the definite transmitted power of part, is sent by key to operating terminal and obtain each key segment of partly obtaining by transmitted power via wireless signal, utilization.
Storage area also can be stored first key and cuts apart the number and first safe class.Transmitted power confirms that partly also can obtain first key that is stored in the said storage area cuts apart the number and first safe class; And satisfying under the situation of first condition; Transmitted power is confirmed partly can transmitted power be confirmed as the value less than the transmitted power of under the situation that does not satisfy first condition, using; Wherein first condition is, confirms by safe class that transmission safe class that part is confirmed is equal to or higher than first safe class and is included in key and sends key in the request and cut apart number and cut apart number less than first key.
Storage area also can be stored second key and cuts apart the number and second safe class.Transmitted power confirms that partly can obtain second key that is stored in the storage area cuts apart the number and second safe class; And satisfying under the situation of second condition; Transmitted power is confirmed partly can transmitted power be confirmed as the value greater than the transmitted power of under the situation that does not satisfy second condition, using; Wherein second condition is, confirms by safe class that transmission safe class that part is confirmed is equal to or less than second safe class and is included in key and sends key in the request and cut apart number and be equal to or greater than second key and cut apart number.
Information processor also can comprise handles acquisition request part and processing execution part.Receiving unit is after having received key transmission request; Also can receive the encrypted processing request from operating terminal via wireless signal, wherein encrypted processing request is through utilizing the key that is generated based on each key segment by operating terminal to ask to encrypt to obtain to handling.Handle the acquisition request part and can from the wireless signal that receives by receiving unit, obtain encrypted processing request.The processing execution part key that is stored in the storage area capable of using is deciphered encrypted processing request, and carries out processing according to the processing request that obtains through deciphering.
The definite key that is included in the key transmission request of partly being obtained by key transmission acquisition request of partly can in storage area, registering of transmitted power is cut apart number.Handle the acquisition request part and can from the wireless signal that is received by receiving unit, obtain encrypted processing request, wherein encrypted processing request is through utilizing by operating terminal each key segment whole to be carried out key that the step-by-step XOR generates, encrypt and obtain handling request.The processing execution part is capable of using deciphers encrypted processing request through each key segment whole being carried out the key that the step-by-step XOR generates; And processing is carried out in the processing request according to obtaining through deciphering, and wherein each key segment is to be divided into the key that is stored in the storage area and to cut apart number and obtain through being stored in key in the storage area.
But storage area is application storing also, and application program is partly started to carry out by processing execution to be handled.Safe class is confirmed partly can confirm to send safe class according to type of application.
Information processor comprises that also pairing request obtains part, and part is confirmed at pairing processing section and key request terminal.Receiving unit is before receiving key transmission request; Also receive pairing request via wireless signal from operating terminal, wherein pairing request comprises the model identifying information of the model that is used for the identifying operation terminal and the operating terminal identifying information that is used for the identifying operation terminal.Pairing request obtain part from the wireless signal that receives by receiving unit, obtain pairing request.Being included in the model identifying information that is obtained in the pairing request of partly obtaining by pairing request is under the situation of predetermined model identifying information, and the pairing processing section can be with the operating terminal identifying information as allowing communication terminal information, being registered in the storage area.Whether the key request terminal confirms that part can judge, be included in to send key that acquisition request partly obtains by key and send operating terminal identifying information in the request and be used as and allow communication terminal information to be registered in the storage area.Confirming at the key request terminal that part is judged to be is included in key and sends operating terminal identifying information in the request and be not used as and allow communication terminal information to be registered under the situation in the storage area, and transmitting section is not sent each key segment via wireless signal to operating means.
Comprise also in pairing request under the situation of performance information of the performance of indicating operating terminal that the pairing processing section also can be with being registered in the storage area with the performance information that allows communication terminal information to be associated.Safe class confirms that part can be according to the performance information of in storage area, registering explicitly with the permission communication terminal information, next definite safe class of sending.
Transmitted power confirm part can in storage area, register be included in by key send key that acquisition request partly obtains send key in asking cut apart number and determined transmitted power, to cut apart number and transmitted power last time as preceding secondary key respectively.Partly encrypted processing request is deciphered under the situation of failure in processing execution, the definite key that is included in the key transmission request of partly being obtained by key transmission acquisition request that partly can obtain once more of transmitted power is cut apart number.Transmitted power confirms that part can calculate that the key that is obtained is cut apart number and the preceding secondary key that is registered in the storage area is cut apart the difference between the number.Be equal to or less than in the difference of being calculated under the situation of predetermined value, transmitted power is confirmed partly can confirm greater than the value that is registered in the last time transmitted power in the storage area.
Storage area also can be stored the environment identifying information that is used to discern equipment of itself institute installation environment.Safe class is confirmed partly to confirm to send safe class according to the environment identifying information.
Safe class is definite partly can be according to the received power of the wireless signal when receiving unit receives key transmission request via wireless signal, next definite safe class of sending.
Information processor also can comprise display part and display control section.Display control section can make the display part show at least one of the following: confirmed transmission safe class that part confirms, be included in and send key that acquisition request partly obtains by key and send key in the request and cut apart number, or confirm the transmitted power that part is confirmed by transmitted power by safe class.
The advantageous effects of invention
According to the invention described above, can key according to operating terminal specified key cut apart in the information processing system that number is cut apart and returned by information processor, make information processor have the right of the communication security intensity between definite operating terminal and the information processor.
Description of drawings
Fig. 1 shows the diagrammatic sketch according to the applying examples of the information processing system of present embodiment.
Fig. 2 illustrates the diagrammatic sketch that key sends the transmission of request and key segment.
Fig. 3 is the diagrammatic sketch of example that illustrates the transmission case of successful of key segment.
Fig. 4 is the diagrammatic sketch of example that illustrates the unsuccessful situation of transmission of key segment.
Fig. 5 shows the diagrammatic sketch according to the configuration of the information processor of present embodiment.
Fig. 6 shows the diagrammatic sketch according to the configuration of the operating terminal of present embodiment.
Fig. 7 shows the diagrammatic sketch of the ios dhcp sample configuration IOS DHCP of the related information that information processor holds.
Fig. 8 shows the sequence chart of the flow process of the processing of being carried out by information processing system.
Fig. 9 shows the flow chart of the flow process of the processing of being carried out by information processor.
Embodiment
Hereinafter, with preferred embodiments of the present invention will be described in detail with reference to the annexed drawings.Notice that in this specification and accompanying drawing, the element with basic identical function and structure utilizes identical Reference numeral to represent, and omit the explanation of repetition.Note, will provide description with following order.
1. first embodiment
1-1. the applying examples of information processing system
1-2. key sends the transmission of request and key segment
1-3. the transmission case of successful of key segment
1-4. the unsuccessful situation of the transmission of key segment
1-5. the configuration of information processor
1-6. the configuration of operating terminal
1-7. the ios dhcp sample configuration IOS DHCP of the related information that information processor is held
1-8. the flow process of the processing of carrying out by information processing system
1-9. the flow process of the processing of carrying out by information processor
2. modified example
3. sum up
< 1. first embodiment >
The first embodiment of the present invention will be described.
[applying examples of 1-1. information processing system]
Fig. 1 shows the diagrammatic sketch according to the applying examples of the information processing system of present embodiment.To the applying examples according to the information processing system of present embodiment be described with reference to figure 1 (taking the circumstances into consideration) with reference to other accompanying drawings.
As shown in Figure 1, comprise information processor 100 and operating terminal 200 according to the information processing system 10 of present embodiment.The wireless signal TE that utilizes radio wave that information processor 100 receives from operating terminal 200; Request among the wireless signal TE that receives according to being included in is carried out and is handled, and through among the wireless signal RE1 that result is included in utilize radio wave, return result.Here, as shown in Figure 1, can suppose that information processor 100 for example is a television set, but be not limited to television set.Information processor 100 can be any device; Carry out from the wireless signal TE of operating terminal 200, according to the request among the wireless signal TE that is received of being included in and handle and through making result be included in the function of returning result among the wireless signal RE1 as long as have reception, and information processor 100 can be a recoding/reproduction TV Festival destination device for example.
The input of the operation information that operating terminal 200 is accepted to be carried out by user U is imported received operation information based on it and is produced request, and the request that produces through making is included in to come among the wireless signal TE and sends the request that is produced to information processor 100.In addition, operating terminal 200 receive as the response of wireless signal TE, from the wireless signal RE1 of information processor 100.Can suppose that operating terminal 200 is for example aforesaid RF remote controllers, but not be limited to the RF remote controller particularly.For example; Operating terminal 200 can be an any device; As long as have the input of accepting operation information and through making request be included among the wireless signal TE, come the function of sending based on the request of operation information to information processor 100, and have receive as to the response of wireless signal TE, get final product from the function of the wireless signal RE1 of information processor 100.
In addition, as stated, in order to prevent that being input to the operating terminal RC that the operation information monitored person B of operating terminal 200 held by user U reads and abused, shared key between operating terminal 200 and the desired information processor 100 of user U.For example; According to ZigBee (registered trade mark) RF4CE v1.0 standard; This key is mainly using during to information processor 100 transmit operation information, credit card information etc. from operating terminal 200, and works with the mode that the observer B that does not know key can not intercept and capture those information.
When receive from operating terminal 200 send request via the key of wireless signal TE the time, information processor 100 sends through key is divided into to operating terminal 200 and is included in the key that key sends in the request and cuts apart the key segment that number obtains.The operating terminal 200 that has received the key segment receives all key segments and obtains key based on the key segment that all receive.Usually; The operating terminal RC that is held with the observer B of the isolated opposite side at wall W etc. of information processor 100 and operating terminal 200; Not with the desirable route of transmission of information processor 100 or operating terminal 200 transmissions/reception radio waves, and so can not inerrably receive those all key segments and can not receive key.
Yet, successfully reading under the situation of key through receiving from the wireless signal RE2 of information processor 100, the operating terminal RC that observer B is held can intercept and capture such as information such as operation information and credit card informations.Here, though can suppose observer B be positioned at the room R1 at user U place separately, in the situation of the room R2 of the opposite side of wall W, situation is not limited thereto, and the position at observer B place can be any place.For example, observer B can be positioned at the outside in the house at user U place.
When having only operating terminal 200 to confirm that key is cut apart number, the unsuccessful probability of reception of the key segment that the operating terminal RC that is held by observer B carries out only depends at the determined key of operating terminal 200 sides cuts apart number.That is, the communication security intensity between operating terminal 200 and the information processor 100 is cut apart number according to key and is confirmed.Yet,, can not keep the communication security in the Long-distance Control in response to such as conserve batteries or reduce request such as amount of calculation, keep key to cut apart under the less situation of number.In addition, in practice, normally information processor 100 is being grasped the importance of the operation information that user U imported and the imbalance that in the right of decision security intensity, takes place.
In the present embodiment; Such technology has been described; Promptly therein key cut apart according to operating terminal 200 specified keys that number is cut apart and the information processor 100 that returned by information processor 100 in, make information processor 100 can have the right to confirm the communication security intensity between operating terminal 200 and the information processor 100.In addition, though under the prerequisite of use unencrypted plain text bit string, describe, also can use encryption key as key itself.
As a specific example, cut apart number for keeping under the situation that communication security is inadequate value, can suppose that information processor 100 controls the situation that makes that the transmitted power be used to send the key segment reduces at the key that operating terminal 200 is sent.Along with reducing of transmitted power, even cut apart under the very little situation of number at operating terminal 200 specified keys, also can increase the key segment when information processor 100 arrives the operating terminal RC that observer B are held, send the wrong probability that takes place.That is, can reduce the probability that observer B steals key.
At this on the one hand, when too much reducing transmitted power, at this moment, wrong possibility takes place to send and exceeds required in the operating terminal 200 corresponding with the expectation communication parter of information processor 100.As a result, can not key correctly be sent to operating terminal 200 from information processor 100.For fear of falling into such state, notified information processor 100 excessive keys to cut apart under the situation of number at operating terminal 200, can increase the transmitted power when sending the key segment.By this way, information processor 100 becomes and can key be sent to operating terminal 200 more reliably.
In addition, after the transmission of key failure once, at solicit operation terminal 200 once more with identical
The key of (or approximate) is cut apart under the situation of number transmission key, and information processor 100 can increase the transmitted power of the transmission that is used for next key, and can improve key and send probability of successful.
[the 1-2. key sends the transmission of request and key segment]
Fig. 2 illustrates the diagrammatic sketch that key sends the transmission of request and key segment.To the transmission that key sends request and key segment be described with reference to figure 2 (taking the circumstances into consideration) with reference to other accompanying drawings.
As shown in Figure 2, let us hypothesis operating terminal 200 sends to information processor 100 and comprises the key transmission request of cutting apart the N of number as key.Information processor 100 to operating terminal 200 send through send according to the key that sends from operating terminal 200 request with key be divided into the key segment that the N sheet obtains (key segment F1, F2 ... FN).In addition, the operating terminal RC that observer B is held also attempt to receive the key segment (key segment F1, F2 ... FN).Here, under the situation of suitably keeping the employed transmitted power that is used to send key of information processor 100, for example; Operating terminal 200 successfully receives key segment (key segment F1; F2, ... FN), but operating terminal RC can not successfully receive some or whole key segment (key segment F1; F2 ... FN).Fig. 2 shows the wherein unsuccessful example of reception of key segment FN-2.
[the transmission case of successful of 1-3. key segment]
Fig. 3 is the diagrammatic sketch of example that illustrates the transmission case of successful of key segment.The transmission case of successful of key segment will be described with reference to figure 3 (taking the circumstances into consideration with reference to other accompanying drawings).
As shown in Figure 2, let us hypothesis from information processor 100 to operating terminal whole key segments of 200 (key segment F1, F2 ... FN) transmission success.In this case, as shown in Figure 3, information processor 100 and operating terminal 200 each all hold identical key segment (key segment F1, F2 ... FN).If each all holds identical key segment (key segment F1 information processor 100 and operating terminal 200; F2; FN), then can be based on key segment (key segment F1, F2; FN) generate identical key, and can between information processor 100 and operating terminal 200, share identical key (shared key).Though Fig. 3 show wherein information processor 100 and operating terminal 200 each all through carry out the key segment (key segment F1, F2 ... FN) step-by-step XOR generates key, and the mode that still generates key is not limited to carry out the technology of step-by-step XOR.
[the unsuccessful situation of transmission of 1-4. key segment]
Fig. 4 is the diagrammatic sketch of example that illustrates the unsuccessful situation of transmission of key segment.The unsuccessful situation of transmission of key segment will be described with reference to figure 4 (taking the circumstances into consideration with reference to other accompanying drawings).
As shown in Figure 2, let us hypothesis the key segment from information processor 100 to operating terminal RC (key segment F1, F2 ... FN) in the transmission, the transmission of key segment FN-2 is unsuccessful.In this case, as shown in Figure 4, operating terminal RC can not hold key segment FN-2.Because operating terminal RC can not hold key segment FN-2, so information processor 100 can not be shared identical key (sharing key) with operating terminal RC.Each all generates key through the step-by-step XOR that carries out the key segment though Fig. 4 shows wherein information processor 100 and operating terminal RC, and the mode that generates key is not limited to carry out the technology of step-by-step XOR.
[configuration of 1-5. information processor]
Fig. 5 shows the diagrammatic sketch according to the configuration of the information processor of present embodiment.To the configuration according to the information processor of present embodiment be described with reference to figure 5 (taking the circumstances into consideration) with reference to other accompanying drawings.
As shown in Figure 5, information processor 100 comprises receiving unit 110, control section 130, storage area 140 and transmitting section 160 at least.In addition, if necessary, information processor 100 also comprises reception control section 120, sends control section 150, display part 170 etc.
In addition; Control section 130 comprises that at least acquisition request part 131, safe class confirm that part 133, transmitted power confirm that part 134 and key obtain part 135; And if necessary, comprise key request terminal judges part 132, pairing processing section 136, processing execution part 137 and display control section 139 etc.Control section 130 is by for example CPU (central processing unit), RAM formations such as (random asccess memory), and the function of control section 130 is through reading and be deployed in the storage area 140 program stored and carrying out the program of in RAM, being launched and realize in RAM.In addition, for example, control section 130 can be made up of the hardware of special use.
Acquisition request part 131 comprises that at least key sends acquisition request part 1311, and comprises that if necessary pairing request obtains part 1312 and handle acquisition request part 1313.
Receiving unit 110 is made up of antenna etc., and receives the wireless signal from operating terminal 200.For example, receiving unit 110 receive from operating terminal 200, via wireless signal, comprise that key cuts apart the key of number and send request.For example, key is cut apart the pre-position that number can be arranged on key transmission request.Key sends the precalculated position of request and does not limit particularly, and can be the header that key sends request, perhaps can be to be placed on the bit that key sends the header predetermined number afterwards of request.
Receive control section 120 in case of necessity, the wireless signal that receiving unit 110 is received is carried out the frequency inverted from the high-frequency signal to the baseband signal through down-conversion, and the baseband signal after the frequency, demodulation frequency conversion.In addition, utilize digital signal to carry out under the situation about handling at control section 130, receiving control section 120 will be digital signal through the analog signal conversion that demodulation obtains.
Storage area 140 is by constituting such as HDD memory devices such as (hard disk drives), and storage is used to encrypt or the related information 141 and key 142 of data decryption.In addition; Under the situation that control section 130 is made up of CPU (central processing unit), RAM (random asccess memory) etc., storage area 140 also has the function of program of being carried out by storage control section 130 and the various data of when control section 130 executive programs, using.
Key sends acquisition request part 1311 and obtains key transmission request from the wireless signal that is received by receiving unit 110.Send acquisition request part 1311 through key and obtain the not restriction particularly of technology that key sends request; And for example the numerical value in the pre-position that is arranged on the wireless signal that is received by receiving unit 110 is that the indication key sends under the situation of the numerical value of asking, and acquisition request part 131 can be obtained the wireless signal that the request of sending is extracted as key.
Safe class confirms that part 133 confirms as the transmission safe class with the safe class when operating terminal 200 sends keys.Will be described later by safe class and confirm confirming of transmission safe class that part 133 is carried out.
Transmitted power confirms that part 134 confirms part 133 determined transmission safe classes according to safe class and be included in key to send the key that key that acquisition request part 1311 obtained sends in the request and cut apart number, confirm transmitted power.
Key obtains part 135 and is divided into key and cuts apart number and obtain each key segment through being stored in key 142 in the storage area 140.When being divided into key to key 142 and cutting apart number, suppose that for example key 142 being divided into key cuts apart number.Yet, suppose in information processor 100 and operating terminal 200, to cut apart based on identical algorithm, can not average and cut apart.
Transmitting section 160 is by constituting with identical or different antenna of receiving unit 110 etc.; And will utilize by transmitted power confirm transmitted power that part 134 is confirmed, obtain each key segment that part 135 is obtained by key, send to operating terminal 200 via wireless signal.
Utilize digital signal to carry out under the situation about handling at control section 130, send control section 150 and convert the digital signal that to send into analog signal.In addition, send control section 150 as required modulated analog signal, carry out frequency translation through up-conversion from the baseband signal obtained by modulation to high-frequency signal, and high-frequency signal is outputed to transmitting section 160.
Storage area 140 also can be stored first key and cuts apart the number and first safe class.In this case, transmitted power confirms that part 134 obtains first key that is stored in the storage area 140 and cut apart the number and first safe class.Then; Satisfying under the situation of first condition; Transmitted power confirms that part 134 confirms as the value less than employed transmitted power under the situation that does not satisfy first condition with transmitted power; Wherein first condition is, safe class is confirmed that part 133 determined transmission safe classes are equal to or higher than first safe class and are included in key in the key request of sending and cut apart number and cut apart number less than first key.
For example, cut apart number for " key is cut apart number N ", first key of related information 141 and be set to " 100 ", and for example for " safe class " of related information 141, first safe class is set to " height " (for example, with reference to figure 7).
In addition, storage area 140 also can be stored second key and cuts apart the number and second safe class.In this case, transmitted power confirms that part 134 obtains second key that is stored in the storage area 140 and cut apart the number and second safe class.Then; Satisfying under the situation of second condition; Transmitted power confirms that part 134 confirms as the value greater than employed transmitted power under the situation that does not satisfy second condition with transmitted power; Wherein second condition is, safe class is confirmed that part 133 determined transmission safe classes are equal to or less than second safe class and are included in key in the key request of sending and cut apart number and be equal to or greater than second key and cut apart number.
For example, cut apart number for " key is cut apart number N ", second key of related information 141 and be set to " 10 ", and for example for " safe class " of related information 141, second safe class is set to " low " (for example, with reference to figure 7).
Information processor 100 also can comprise handles acquisition request part 1313 and processing execution part 137.In this case; After receiving key transmission request; Receiving unit 110 also via wireless signal receive from operating terminal 200 through the encryption request, it is encrypted and obtains handling request through utilizing key of being generated based on each key segment by operating terminal 200.Handle acquisition request part 1313 and can from the wireless signal that receiving unit 110 is received, obtain encrypted processing request; And the 137 142 pairs of encrypted processing requests of key that are stored in the storage area 140 capable of using of processing execution part are deciphered, and carry out processing according to the processing request that obtains through deciphering.
Obtain the not restriction particularly of technology of the request of processing through handling acquisition request part 1313; And be that acquisition request part 131 can be obtained as handling the wireless signal that request is extracted under the situation of the indication numerical value of handling request for example at the numerical value of the pre-position that is arranged on the wireless signal that receiving unit 110 obtained.
The processing of being carried out by processing execution part 137 does not have concrete restriction, and the processing etc. of the E-Payment of user U being handled personal information is assumed to be the relative high processing of safe class.For the TV program record processing etc., it is assumed to be the relatively low processing of safe class.
Do not limit particularly when utilizing 142 pairs of keys to handle the system that uses when request is encrypted or deciphered, and for example can use public-key encryption.As the example of public-key encryption, can use AES (Advanced Encryption Standard) and DES (data encryption standard).
Transmitted power is confirmed that part 134 can be registered and is included in key and sends the key that key that acquisition request part 1311 obtained sends in the request and cut apart number in storage area 140.In this case; Handle acquisition request part 1313 and from the wireless signal that receiving unit 110 is received, obtain encrypted processing request, this encrypted processing request is to carry out key that the step-by-step XOR generates, encrypt and obtain handling request through utilizing by 200 pairs of each whole key segments of operating terminal.Processing execution part 137 is utilized through each whole key segments being carried out key that the step-by-step XOR generates, encrypted processing request being deciphered, and wherein each key segment is to be divided into the key that is stored in the storage area 140 and to cut apart number and obtain through being stored in key 142 in the storage area 140.Then, processing execution part 137 is carried out processing according to the processing request that obtains through deciphering.
Storage area 140 is also stored by processing execution part 137 and is started the application program of handling to carry out, and safe class confirms that part 133 can confirm the transmission safe class according to type of application.As the higher relatively example of safe class, under the situation that the application of handling the E-Payment processing is activated, can confirm as high value with sending safe class.In addition, for example,, record under the situation that the application program of processing is activated in processing as the lower example of safe class, can be with confirm as the transmission safe class than low value.
In addition, information processor 100 can comprise that also pairing request obtains part 1312, pairing processing section 136 and key request terminal judges part 132.In this case; Receiving before key sends request, then receiving unit 110 also via wireless signal receive, be used for from operating terminal 200 identifying operation terminal 200 model the model identifying information and with the operating terminal identifying information of operable terminal 200.Pairing request is obtained part 1312 can obtain pairing request from the wireless signal that receiving unit 110 is received; Being included in the model identifying information that is obtained by pairing request in the pairing request that part 1312 obtains is under the situation of predetermined model identifying information, and pairing processing section 136 can be registered as the permission communication terminal information with the operating terminal identifying information in storage area 140; Key request terminal judges part 132 can judge that whether the operating terminal identifying information that is included in the key transmission request of being obtained by key transmission acquisition request part 1311 is as allowing communication terminal information to be registered in the storage area 140; And; Be judged to be the operating terminal identifying information that is included in the key request of sending not as allowing communication terminal information not to be registered under the situation in the storage area 140 in key request terminal judges part 132, transmitting section 160 will not sent each key segments via wireless signal to operating terminal 200.
Obtain the not restriction particularly of technology that part 1312 is obtained pairing request through pairing request; And be that pairing request is obtained part 1312 can obtain the wireless signal that is extracted as pairing request under the situation of numerical value of indication pairing request for example at the numerical value of the pre-position that is arranged on the wireless signal that receives by receiving unit 110.
As the model identifying information of the model that is used for identifying operation terminal 200, so for example can use information, be used for the information of version of information and indication operating terminal 200 of the type at identifying operation terminal 200 with the manufacturer of operable terminal 200.In addition, the operating terminal identifying information as being used for identifying operation terminal 200 can use the MAC Address of operating terminal 200 etc.
Predetermined model identifying information is restriction particularly, and for example is used under the situation of information of manufacturer of identifying information processing unit 100 in storage area 140 storages, and predetermined type information can be the information that is used for the manufacturer of identifying information processing unit 100.In this case, for example, if the manufacturer of the manufacturer of operating terminal 200 and information processor 100 is inequality, information processor 100 will can not send key to operating terminal 200.
Also comprise under the situation of performance information of the performance of indicating operating terminal 200 pairing processing section 136 performance information that also registration is associated with the permission communication terminal information in storage area 140 in pairing request.Safe class confirms that part 133 is also according to the registered performance information that is associated with the permission communication terminal information in the storage area 140, next definite safe class of sending.By this way; For example; Safe class confirm part 133 for the higher relatively operating terminal 200 of wireless signal receptivity, confirm higher transmission safe class, and for the relatively low operating terminal 200 of wireless signal receptivity, confirm lower transmission safe class.
Transmitted power confirms that part 134 can be registered to be included in and sends the key that key that acquisition request part 1311 obtains sends in the request by key and cut apart number and fixed transmitted power in storage area 140, to cut apart number and transmitted power last time as preceding secondary key respectively.In this case, when the encrypted processing requests deciphering of 137 pairs of processing execution parts failure, transmitted power is confirmed that part 134 is obtained to be included in once more and is sent the key that key that acquisition request part 1311 obtains sends in the request by key and cut apart number.Transmitted power confirms that part 134 can calculate that the key that is obtained is cut apart number and the preceding secondary key of registration in storage area 140 is cut apart the difference between the number, and is equal to or less than under the situation of predetermined value in the difference of being calculated, can transmitted power be confirmed as the value greater than the last time transmitted power of registration in storage area 140.By this way, think that it is that transmitted power is not enough that key sends the reason of failing, and when sending key once more, can solve the not enough problem of employed transmitted power.
In addition, storage area 140 is also stored the environment identifying information that is used to discern equipment of itself institute installation environment, and safe class confirms that part 133 can be according to the definite safe class of sending of environment identifying information.For example, information processor 100 be installed in since around a lot of buildings are arranged and under the situation in the relatively poor relatively zone of radio wave propagation, can in environmental unit information, be provided for confirming low value of sending safe class.In addition, for example, information processor 100 be installed in since around do not have a lot of buildings and radio wave propagation relatively preferably under the situation in the zone, can be in the environment identifying information equipment be used for confirming the value of higher transmission safe class.
In addition; For example; Be installed at information processor 100 that observer B is difficult to intercept and capture under the situation of key owing to relatively grow (or the wall W between information processor 100 and the house, next door is thicker) to the distance in house, next door, can in environmental unit information, be provided for confirming value than hanging down the transmission safe class.In addition; For example; Be installed at information processor 100 owing to relatively lack (or the wall W between information processor 100 and the house, next door is thinner) and observer B intercepts and captures under the situation of key easily to the distance in house, next door, can be in the environment identifying information equipment be used for the value of definite higher transmission safe class.For example; The environment identifying information can be in the stage that information processor 100 is made by manufacturer, be stored in the storage area 140; Perhaps can, information processor 100 utilize operating terminal 200 to be registered in the storage area 140 after being made by manufacturer by user U.In addition, for example, be stored in the environment identifying information in the storage area 140, can change through the operating terminal 200 of user U in the stage that manufacturer is just making.
Safe class confirm part 133 can be when only having wireless signal to receive key to send request when receiving unit 110 wireless signal received power, confirm to send safe class.By this way; For example; Under the relatively large situation of the received power of the wireless signal when receiving key and send request, safe class confirms that part 133 confirms operating terminals 200 near information processor 100, and can confirm higher transmission safe class.In addition, for example, under the less relatively situation of the received power of the wireless signal when receiving key and send request, safe class confirms that part 133 confirms operating terminals 200 not near information processor 100, and can confirm lower transmission safe class.
Information processor 100 also can comprise display part 170 and display control section 139.In addition, display control section 139 can make display part 170 show by safe class to confirm transmission safe class that part 133 confirms, be included in and send key that acquisition request part 1311 obtains by key and send key in the request and cut apart number, or confirm in the transmitted power that part 134 confirms at least one by transmitted power.In addition, display control section 139 can make display part 170 show the message of keeping the communication security between information processor 100 and the operating terminal 200.
In addition, display control section 139 can make display part 170 suitably show the process result of being carried out by the pairing process result and the processing execution part 137 of 136 execution of pairing processing section.
[configuration of 1-6. operating terminal]
Fig. 6 shows the diagrammatic sketch according to the configuration of the operating terminal of present embodiment.To the operating terminal according to present embodiment be described with reference to figure 6 (taking the circumstances into consideration) with reference to other accompanying drawings.
Of Fig. 6, operating terminal 200 comprises receiving unit 210, control section 230, storage area 240 and transmitting section 260 at least.In addition, as required, operating terminal 200 also comprises reception control section 220, sends control section 250, importation 270 etc.The input that receives operation information from user U can for example be waited through push-botton operation in importation 270.
In addition, control section 230 comprises that at least part 231 is obtained in response and the key request of sending generates part 233, and comprises that as required pairing request generates part 234, the processing request generates part 235, operation information acquisition part 232 etc.Response is obtained part 231 and is comprised that at least key obtains part 2311.Control section 230 is made up of for example CPU, RAM etc., and through in RAM, reading and be deployed in program stored in the storage area 240 and carrying out the program of in RAM, launching and realize its function.In addition, control section 230 can be made up of for example specialized hardware.Operation information acquisition part 232 comprises that key request operation obtains part 2321, pairing request operation and obtain part 2322, handle solicit operation and obtain part 2323 etc.
The key request of sending generates part 233 and generates and comprise that key cuts apart the key of number and send request.Operating terminal 200 comprise importation 270 with key request operation obtain under the situation of part 2321; The input of solicit operation is accepted to send from user's key in importation 270, and the key request operation is obtained part 2321 and obtained key from importation 270 and send solicit operation and key is sent solicit operation and be input to the key request of sending and generate part 233.Key sends request generation part 233 and sends solicit operation, generates key transmission request based on the key that obtains part 2321 outputs from the key request operation.
Transmitting section 260 is made up of antenna etc., and sends wireless signals to information processor 100.For example, transmitting section 260 is sent key via wireless signal to information processor 100 and is sent request.
Receiving unit 210 is by constituting with the identical or different antenna of transmitting section 260 etc., and receives the wireless signal from information processor 100.For example, receiving unit 210 receive from information processor 100, be divided into each key segment that key is cut apart number by information processor 100.
Key obtains part 2311 and generates key based on each key segment that receiving unit 210 is received, and the key that is generated is registered in the storage area 240.As stated, though key obtain part 2311 through carry out the key segment (key segment F1, F2 ... FN) step-by-step XOR generates key, and the mode that still generates key is not limited to carry out the technology of step-by-step XOR.
Pairing request generates part 234 and generates pairing request.Operating terminal 200 comprise importation 270 with pairing request operation obtain under the situation of part 2322; The input from user's pairing request operation is accepted in importation 270, and the pairing request operation is obtained part 2322 and obtained from the pairing request operation of importation 270 and the pairing request operation is outputed to pairing request and generate part 234.Pairing request generates part 234 based on pairing request operation, the generation pairing request of obtaining part 2322 outputs from the pairing request operation.
The request of handling generates part 235 and generates the request of processing, and generates encrypted processing request, and wherein encrypted processing request is to be registered in key in the storage area 140, the processing request that is generated is encrypted to obtain through utilization.Comprise importation 270 and handle solicit operation and obtain under the situation of part 2323 at operating terminal 200; The input from the processing solicit operation of user U is accepted in importation 270, and handles solicit operation and obtain part 2323 and obtain processing solicit operation from importation 270, and will handle solicit operation and output to and handle request generation part 235.The request of processing generates part 235 based on obtaining the processing solicit operation of part 2323 outputs from handling solicit operation, generating the request of processing.
Receive control section 220 as required, the wireless signal that receives through receiving unit 210 is carried out the frequency translation from the high-frequency signal to the baseband signal, and the baseband signal after the frequency translation is carried out demodulation through down-conversion.In addition, utilize data-signal to carry out under the situation about handling at control section 230, receiving control section 220 will be digital signal through the analog signal conversion that demodulation obtains.
Utilize digital signal to carry out under the situation about handling at control section 230, send control section 250 and convert the digital signal that to send into analog signal.In addition, send control section 250 as required modulated analog signal, carry out outputing to transmitting section 260 to the frequency translation of high-frequency signal and with high-frequency signal through up-conversion from the baseband signal that obtains through modulation.
[ios dhcp sample configuration IOS DHCP of the related information that the 1-7. information processor is held]
Fig. 7 shows the diagrammatic sketch of the ios dhcp sample configuration IOS DHCP of the related information that information processor holds.To come the ios dhcp sample configuration IOS DHCP of the related information that the descriptor processing unit held with reference to figure 7 (take the circumstances into consideration with reference to other accompanying drawings).
As shown in Figure 7, for example, related information 141 is to be relative to each other to join and to form through key being cut apart number, safe class and transmitted power.Good in the example depicted in fig. 7, when key was cut apart number and represented with N, cutting apart number N at key was that " arbitrarily " and safe class are under the situation of " common ", and transmitted power is set to the information of indication " not regulating ".In an identical manner; Cutting apart number N at key is that " N>10 " and safe class are under the situation of " low "; Transmitted power is set to the information of indication " not regulating "; And cutting apart number N at key is that " N >=100 " and safe class are under the situation of " height ", and transmitted power is set to the information of indication " not regulating ".
In addition, in the example depicted in fig. 7, cutting apart number N at key is that " N<100 " and safe class are under the situation of " height ", and transmitted power is set to the information of indication " reducing ".In addition, cutting apart number N at key is that " N≤10 " and safe class are under the situation of " low ", and transmitted power is set to the information of indication " increase ".
Notice that example shown in Figure 7 is only represented the example of related information 141.For example, safe class is not limited to be divided into the situation of " low ", " common " and " height " Three Estate, and can be the situation that is divided into " low ", " low slightly ", " common ", " high slightly " and " height " five grades.In addition, the threshold value that key is cut apart number N is set to " 10 ", " 100 " etc., but is not limited to those values.
[1-8. is by the flow process of the processing of information processing system execution]
Fig. 8 shows the sequence chart of the flow process of the processing of being carried out by information processing system.The flow process of the processing of being carried out by information processing system will be described with reference to figure 8 (taking the circumstances into consideration with reference to other accompanying drawings).In Fig. 8, show and comprise that in the key request of sending key cuts apart the flow process of the processing of carrying out under the situation of number N.In addition, the back will be with reference to the detailed content of the step S102 and the step S104A to S104C of figure 9 descriptor processing unit 100.
As shown in Figure 8, operating terminal 200 sends key to information processor 100 and sends request (step S101).Information processor 100 receives key and sends request (step S102), and definite transmitted power (step S103).
Information processor 100 sends key segment F1 (step S104A) according to determined transmitted power to operating terminal 200.The key segment F1 (step S105A) that operating terminal 200 receives from information processor 100.In the same way, information processor 100 sends key segment F2 (step S104B) according to determined transmitted power to operating terminal 200.The key segment F2 (step S105B) that operating terminal 200 receives from information processor 100.Information processor 100 sends key segment FN (step S104C) according to determined transmitted power to operating terminal 200.The key segment F2 (step S105C) that operating terminal 200 receives from information processor 100.Though not shown in Fig. 8, wherein information processor 100 according to determined transmitted power to operating terminal 200 send the processing of key segment F3 to FN-1 and wherein operating terminal 200 receive from the processing of the key segment F3 to FN-1 of information processor 100 and carry out in the same way.
Operating terminal 200 generates key (step S106) based on the key segment F1 to FN that is received, and utilizes the key that is generated to encrypt (step S107) to handling request.For example, as stated, can generate key through the step-by-step XOR that carries out the key segment.Operating terminal 200 sends to information processor 100 (step S108) with encrypted processing request.
Information processor 100 receives from processing request operating terminal 200, that encrypted (step S109), and utilizes key that (step S110) deciphered in the processing request of having encrypted that is received.Information processor 100 is carried out processing (step S111) according to the processing request that obtains through deciphering.
[1-9. is by the flow process of the processing of information processor execution]
Fig. 9 shows the flow chart of the flow process of the processing of being carried out by information processor.The flow process of the processing of being carried out by information processor will be described with reference to figure 9 (taking the circumstances into consideration with reference to other accompanying drawings).
As shown in Figure 9, under the condition that has received key transmission request, information processor 100 judges that key sends the transmission partner (step S201) whether the transmission source of asking is suitable as key.For example as stated; Can carry out whether the transmission source is suitable as the transmission partner's of key judgement through judging that by key request terminal judges part 132 key sends key that acquisition request part 1311 obtained and whether sends the operating terminal identifying information that comprises in the request as allowing communication terminal information to be registered in the storage area 140.
Under the transmission source that is judged to be the key request of sending is not suitable for as the transmission partner's of key situation (" deny " among the step S201), information processor 100 is accomplished key transmission processing under the situation of not sending key.Be suitable as under transmission partner's the situation of key (" being " among the step S201) in the transmission source that is judged to be the key request of sending; Information processor 100 obtains key from key transmission request cuts apart number (step S202), and judges that the key that is obtained is cut apart number and whether safe class is fit to (step S203).As stated, confirm part 133, utilize various technology to confirm safe class through the safe class of information processor 100.
Cut apart under the situation that number and safe class be fit to (" being " among the step S203) being judged to be key, information processor 100 proceeds to step S205.Cut apart (" denying " among the step S203) under number and the unaccommodated situation of safe class being judged to be key, information processor 100 is regulated the transmitted power (step S204) when sending the key segments and is proceeded to step S205.
Information processor 100 sends key segments (step S205) to operating terminal 200, and has judged whether to send its number and equal the key segment (step S206) that key is cut apart number.Do not send its number and equal key and cut apart under the situation of key segment of number (" denying " among the step S206) being judged to be, information processor 100 turns back to step S205, the key segment to send subsequently to operating terminal 200.Sent its number and equal key and cut apart under the situation of key segment of number (" being " among the step S206) being judged to be, information processor 100 is accomplished keys and is sent and handle.
2. modified example
The preferred embodiments of the present invention have been described with reference to the drawings, and the present invention simultaneously is not limited to top example certainly.Those skilled in the art can find various replacements and modification within the scope of the appended claims, and should be understood that they naturally also will be in technical scope of the present invention.
For example, though in the present invention, used unencrypted pure words character string, also can use encryption key for key itself.
In addition; Make display part 170 show to send safe classes, key to cut apart at least one the example in number or the transmitted power though described the display control section 139 of information processor 100 in the present embodiment, operating terminal 200 can show these information.In this case, for example, information processor 100 can send to operating terminal 200 and comprise that sending safe class, key cuts apart at least one key in number or the transmitted power and send and accomplish notice.Then, be included in display control section in the operating terminal 200 and can make that being included in display part in the operating terminal 200 shows that being included in the key that is received sends transmission safe class, the key accomplished in the notice and cut apart in number or the transmitted power at least one.In addition, the display control section that is included in the operating terminal 200 can make the display part that is included in the operating terminal 200 show the message of keeping the communication security between information processor 100 and the operating terminal 200.
3. sum up
According to first embodiment; Therein key cut apart according to operating terminal 200 specified keys that number is cut apart and the information processing system 10 returned by information processor 100 in, information processor 100 becomes and has the right to confirm the communication security intensity between operating terminal 200 and the information processor 100.Can solve the unbalanced problem on the right of confirming the communication security intensity between operating terminal 200 and the information processor 100.
In addition; Because information processor 100 can determine the transmitted power when sending key, used, it becomes and can send key, improve the communication security intensity between operating terminal 200 and the information processor 100 with lower transmitted power through making information processor 100.
In addition, because information processor 100 can determine the transmitted power when sending key, used, it becomes and can send key, improve the success rate that key sends to operating terminal 200 with higher transmit power through making information processor 100.
Reference numeral
10 information processing systems
100 information processors
110 receiving units
120 receive control section
130 control sections
131 acquisition request parts
1311 keys send the acquisition request part
1312 pairing request are obtained part
1313 handle the acquisition request part
132 key request terminal judges parts
133 safe classes are confirmed part
134 transmitted powers are confirmed part
135 keys obtain part
136 pairing processing sections
137 processing execution parts
139 display control sections
140 storage areas
141 related informations
142 keys
150 send control section
160 transmitting section
170 display parts
200 operating terminals
210 receiving units
220 receive control section
230 control sections
Part is obtained in 231 responses
2311 keys obtain part
232 operation information acquisition parts
Part is obtained in the operation of 2321 key request
Part is obtained in the operation of 2322 pairing request
2323 handle solicit operation obtains part
The request of sending of 233 keys generates part
234 pairing request generate part
235 handle request generates part
240 storage areas
250 send control section
260 transmitting section
270 importations

Claims (15)

1. information processor comprises:
Storage area, its storage are used to encrypt or the key of data decryption;
Receiving unit, its receive from operating terminal, via wireless signal, comprise that key cuts apart the key of number and send request;
Key sends the acquisition request part, and it obtains said key and sends request from the wireless signal that is obtained by said receiving unit;
Safe class is confirmed part, and it confirms as the transmission safe class with the safe class when said operating terminal sends said key;
Transmitted power is confirmed part; It sends the said key that said key that acquisition request partly obtains sends in the request by said key and cuts apart number according to being confirmed the said transmission safe class that part is confirmed by said safe class and being included in, and confirms transmitted power;
Key obtains part, and it is divided into said key and cuts apart number through being stored in said key in the said storage area, obtains each key segment; And
Transmitting section, it is confirmed the definite said transmitted power of part, is sent by said key to said operating terminal and obtain said each key segment of partly obtaining by said transmitted power via wireless signal, utilization.
2. information processor according to claim 1,
Wherein said storage area is also stored first key and is cut apart the number and first safe class, and
Wherein said transmitted power confirms that partly also obtaining said first key that is stored in the said storage area cuts apart number and said first safe class; And satisfying under the situation of first condition; Said transmitted power is confirmed partly said transmitted power to be confirmed as the value less than the said transmitted power of under the situation that does not satisfy said first condition, using; Wherein said first condition is, confirms by said safe class that said transmission safe class that part is confirmed is equal to or higher than said first safe class and is included in said key and sends said key in the request and cut apart number and cut apart number less than said first key.
3. information processor according to claim 2,
Wherein said storage area is also stored second key and is cut apart the number and second safe class, and
Wherein said transmitted power confirms that partly obtaining said second key that is stored in the said storage area cuts apart number and said second safe class; And satisfying under the situation of second condition; Said transmitted power is confirmed partly said transmitted power to be confirmed as the value greater than the said transmitted power of under the situation that does not satisfy said second condition, using; Wherein said second condition is, confirms by said safe class that said transmission safe class that part is confirmed is equal to or less than said second safe class and is included in said key and sends said key in the request and cut apart number and be equal to or greater than said second key and cut apart number.
4. information processor according to claim 1 also comprises:
Handle the acquisition request part; And
The processing execution part,
Wherein said receiving unit is after having received said key transmission request; Also receive encrypted processing request from said operating terminal via wireless signal; Said encrypted processing request is through utilizing the key that is generated based on said each key segment by said operating terminal to ask to encrypt to obtain to handling
Wherein said processing acquisition request part is obtained said encrypted processing request from the wireless signal that is received by said receiving unit, and
Wherein said processing execution partly utilizes the said key that is stored in the said storage area that said encrypted processing request is deciphered, and carries out processing according to the said processing request that obtains through deciphering.
5. information processor according to claim 4,
Wherein said transmitted power confirms that part registration in said storage area is included in and sends the said key that said key that acquisition request partly obtains sends in the request by said key and cut apart number,
Wherein said processing acquisition request part is obtained encrypted processing request from the wireless signal that is received by said receiving unit; Wherein said encrypted processing request is through utilizing by said operating terminal each key segment whole to be carried out key that the step-by-step XOR generates, encrypt and obtain handling request, and
Wherein said processing execution is partly utilized through each key segment whole being carried out the key that the step-by-step XOR generates said encrypted processing request is deciphered; And processing is carried out in the said processing request according to obtaining through deciphering, and wherein each key segment is to be divided into the key that is stored in the said storage area and to cut apart number and obtain through being stored in said key in the said storage area.
6. information processor according to claim 4,
Wherein said storage area is application storing also, and said application program is partly started carrying out said processing by said processing execution, and
Wherein said safe class is confirmed partly to confirm said transmission safe class according to said type of application.
7. information processor according to claim 1 also comprises:
Pairing request is obtained part;
The pairing processing section; And
Part is confirmed at the key request terminal,
Wherein, Said receiving unit is before receiving said key transmission request; Also receive pairing request from said operating terminal via wireless signal; Said pairing request comprises the model identifying information of the model that is used to discern said operating terminal and the operating terminal identifying information that is used to discern said operating terminal
Wherein said pairing request obtain part from the wireless signal that receives by said receiving unit, obtain said pairing request,
Wherein, Being included in the said model identifying information that is obtained in the said pairing request of partly obtaining by said pairing request is under the situation of predetermined model identifying information; Said pairing processing section with said operating terminal identifying information as allowing communication terminal information, being registered in the said storage area
The part judgement is confirmed at wherein said key request terminal; Be included in and send said key that acquisition request partly obtains by said key and send operating terminal identifying information in the request and whether be used as said permission communication terminal information and be registered in the said storage area, and
Wherein, Confirming at said key request terminal that part is judged to be is included in said key and sends said operating terminal identifying information in the request and be not used as said permission communication terminal information and be registered under the situation in the said storage area, and said transmitting section is not sent said each key segment via wireless signal to said operating means.
8. information processor according to claim 7,
Wherein, comprise also that in said pairing request said pairing processing section also will be registered in the said storage area with the said performance information that said permission communication terminal information is associated under the situation of performance information of the performance of indicating said operating terminal, and
Wherein said safe class confirm part according to the said performance information of in said storage area, registering explicitly with said permission communication terminal information, confirm said transmission safe class.
9. information processor according to claim 1,
Wherein, said transmitted power confirm part registration in said storage area be included in by said key send said key that acquisition request partly obtains send said key in the request cut apart number and determined transmitted power, to cut apart number and transmitted power last time as preceding secondary key respectively; Partly said encrypted processing request is deciphered under the situation of failure in said processing execution, the definite said key that is included in the said key transmission request of partly being obtained by said key transmission acquisition request that partly obtains once more of said transmitted power is cut apart number; Said transmitted power confirms that part calculates that the key that is obtained is cut apart number and the said preceding secondary key that is registered in the said storage area is cut apart the difference between the number; And, being equal to or less than in the difference of being calculated under the situation of predetermined value, said transmitted power confirms that part is definite greater than the value that is registered in the said last time transmitted power in the said storage area.
10. information processor according to claim 1,
Wherein said storage area is also stored the environment identifying information that is used to discern equipment of itself institute installation environment, and
Wherein said safe class is confirmed partly to confirm said transmission safe class according to said environment identifying information.
11. information processor according to claim 1,
Wherein, said safe class confirms that part is according to receiving received power that said key sends the wireless signal when asking, confirm said transmission safe class via wireless signal when said receiving unit.
12. information processor according to claim 1 also comprises:
The display part; And
Display control section,
Wherein said display control section makes said display part show at least one of the following: confirmed said transmission safe class that part confirms, be included in and send said key that acquisition request partly obtains by said key and send said key in the request and cut apart number, or confirm the said transmitted power that part is confirmed by said transmitted power by said safe class.
13. information processing method of carrying out by information processor; Said information processor comprises that storage is used to encrypt or the storage area of the key of data decryption, receiving unit, key send acquisition request part, safe class and confirm that part, transmitted power confirm that part, key obtain part and transmitting section, and said information processing method comprises:
Receive from operating terminal, cut apart the step that the key of number sends request by said receiving unit via the key that comprises of wireless signal;
Send the acquisition request part by said key and from the wireless signal that obtains by said receiving unit, obtain the step that said key sends request;
Confirm partly the safe class when said operating terminal sends said key to be confirmed as the step of sending safe class by said safe class;
Confirm that by transmitted power part sends said key that acquisition request partly obtains by said key and send the step that said key in the request is cut apart number, confirmed transmitted power according to being confirmed the said transmission safe class that part is confirmed by said safe class and being included in;
Obtaining part by said key is divided into said key and cuts apart the step that number obtains each key segment through being stored in said key in the said storage area; And
Confirm the definite said transmitted power of part, send the step of obtaining said each key segment of partly obtaining by said key to said operating terminal by said transmitted power via wireless signal, utilization by said transmitting section.
14. an operating terminal, it comprises:
Storage area;
The key request of sending generates part, and its generation comprises that key cuts apart the key of number and send request;
Transmitting section, it sends said key via wireless signal to information processor and sends request;
Receiving unit, its receive from said information processor, cut apart each key segment that number obtains through be divided into said key by said information processor; And
Key obtains part, and it generates key based on each key segment that is received by said receiving unit, and the key that is generated is registered in the said storage area.
15. an information processing system comprises:
Information processor; And
Operating terminal;
Wherein said information processor comprises
Storage area, its storage are used to encrypt or the key of data decryption,
Receiving unit, its receive from said operating terminal, via wireless signal, comprise that key cuts apart the key of number and send request,
Key sends the acquisition request part, and it obtains said key and sends request from the wireless signal that is obtained by said receiving unit,
Safe class is confirmed part, and it confirms as the transmission safe class with the safe class when said operating terminal sends said key,
Transmitted power is confirmed part; It sends the said key that said key that acquisition request partly obtains sends in the request by said key and cuts apart number according to being confirmed the said transmission safe class that part is confirmed by said safe class and being included in; Confirm transmitted power
Key obtains part, and it is divided into said key and cuts apart number, obtain each key segment through being stored in said key in the said storage area, and
Transmitting section, it is confirmed the definite said transmitted power of part, is sent by said key to said operating terminal and obtain said each key segment of partly obtaining by said transmitted power via wireless signal, utilization, and
Wherein said operating terminal comprises
Storage area;
The key request of sending generates part, and its generation comprises that key cuts apart the key of number and send request;
Transmitting section, it sends said key via wireless signal to said information processor and sends request;
Receiving unit, its receive from said information processor, cut apart each key segment that number obtains through be divided into said key by said information processor, and
Key obtains part, and it generates key based on each key segment that is received by said receiving unit, and the key that is generated is registered in the said storage area.
CN2010800342136A 2009-08-07 2010-07-23 Information processing device, information processing method, operation terminal, and information processing system Pending CN102474666A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2009-185053 2009-08-07
JP2009185053A JP5446566B2 (en) 2009-08-07 2009-08-07 Information processing apparatus, information processing method, operation terminal, and information processing system
PCT/JP2010/062434 WO2011016349A1 (en) 2009-08-07 2010-07-23 Information processing device, information processing method, operation terminal, and information processing system

Publications (1)

Publication Number Publication Date
CN102474666A true CN102474666A (en) 2012-05-23

Family

ID=43544246

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010800342136A Pending CN102474666A (en) 2009-08-07 2010-07-23 Information processing device, information processing method, operation terminal, and information processing system

Country Status (8)

Country Link
US (2) US8611538B2 (en)
EP (1) EP2464050B1 (en)
JP (1) JP5446566B2 (en)
CN (1) CN102474666A (en)
BR (1) BR112012002306A2 (en)
IN (1) IN2012DN00774A (en)
RU (1) RU2536364C2 (en)
WO (1) WO2011016349A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104488301A (en) * 2012-06-28 2015-04-01 高通股份有限公司 Method and apparatus for restricting access to a wireless system
CN105184180A (en) * 2014-06-12 2015-12-23 联想(北京)有限公司 Method and device for document processing

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5446566B2 (en) 2009-08-07 2014-03-19 ソニー株式会社 Information processing apparatus, information processing method, operation terminal, and information processing system
US8544054B2 (en) * 2011-05-20 2013-09-24 Echostar Technologies L.L.C. System and method for remote device pairing
CN103678174A (en) * 2012-09-11 2014-03-26 联想(北京)有限公司 Data safety method, storage device and data safety system
CN105634771B (en) * 2014-10-31 2020-04-14 索尼公司 User side device and network side device in communication system and wireless communication method
EP3216250B1 (en) * 2014-11-06 2021-03-10 Samsung Electronics Co., Ltd. Bootstrapping wi-fi direct communication by a trusted network entity
US10541811B2 (en) * 2015-03-02 2020-01-21 Salesforce.Com, Inc. Systems and methods for securing data
CN106252749B (en) * 2015-06-04 2020-12-29 松下知识产权经营株式会社 Control method for battery pack and battery pack
US10263968B1 (en) * 2015-07-24 2019-04-16 Hologic Inc. Security measure for exchanging keys over networks
US11368292B2 (en) 2020-07-16 2022-06-21 Salesforce.Com, Inc. Securing data with symmetric keys generated using inaccessible private keys
US11522686B2 (en) 2020-07-16 2022-12-06 Salesforce, Inc. Securing data using key agreement

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6182214B1 (en) * 1999-01-08 2001-01-30 Bay Networks, Inc. Exchanging a secret over an unreliable network
US20020115426A1 (en) * 2001-01-30 2002-08-22 Erlend Olson Wireless device authentication at mutual reduced transmit power
JP2003187394A (en) * 2001-12-18 2003-07-04 Mitsubishi Electric Corp Location system
JP2004350044A (en) * 2003-05-22 2004-12-09 Tdk Corp Transmitter, receiver, communication system, and communication method
CN101184010A (en) * 2006-11-16 2008-05-21 夏普株式会社 Sensing equipment and network system, servor node and communication path building method
JP2009055402A (en) * 2007-08-28 2009-03-12 Kddi Corp Key generation device, terminal device, storage server, and computer program

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060173848A1 (en) * 2000-03-09 2006-08-03 Pkware, Inc. System and method for manipulating and managing computer archive files
JP3823929B2 (en) * 2002-05-17 2006-09-20 ソニー株式会社 Information processing apparatus, information processing method, content distribution apparatus, content distribution method, and computer program
US20060133338A1 (en) * 2004-11-23 2006-06-22 Interdigital Technology Corporation Method and system for securing wireless communications
ATE442725T1 (en) * 2005-04-04 2009-09-15 Research In Motion Ltd BASED ON THE CONFIDENTIALITY OF ENCRYPTED DATA CARRIED BY TRANSMISSION, CERTAIN TRANSMISSION POWER OF A WIRELESS TRANSMISSION
JP4839049B2 (en) * 2005-09-20 2011-12-14 クラリオン株式会社 Information processing apparatus and display screen control method
US9635625B2 (en) * 2005-12-28 2017-04-25 Google Technology Holdings LLC Method for switching between predefined transmit power classes on a mobile telecommunications device
JP2007274388A (en) * 2006-03-31 2007-10-18 Brother Ind Ltd Network system, communication device, and program
US20080089519A1 (en) * 2006-10-12 2008-04-17 Nokia Corporation Secure key exchange algorithm for wireless protocols
JP2008263308A (en) * 2007-04-10 2008-10-30 Sony Corp Remote controller, electronic apparatus and remote control system
US8064599B2 (en) * 2007-08-29 2011-11-22 Red Hat, Inc. Secure message transport using message segmentation
US8736427B2 (en) * 2008-09-03 2014-05-27 Apple Inc. Intelligent infrared remote pairing
JP5446566B2 (en) 2009-08-07 2014-03-19 ソニー株式会社 Information processing apparatus, information processing method, operation terminal, and information processing system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6182214B1 (en) * 1999-01-08 2001-01-30 Bay Networks, Inc. Exchanging a secret over an unreliable network
US20020115426A1 (en) * 2001-01-30 2002-08-22 Erlend Olson Wireless device authentication at mutual reduced transmit power
JP2003187394A (en) * 2001-12-18 2003-07-04 Mitsubishi Electric Corp Location system
JP2004350044A (en) * 2003-05-22 2004-12-09 Tdk Corp Transmitter, receiver, communication system, and communication method
CN101184010A (en) * 2006-11-16 2008-05-21 夏普株式会社 Sensing equipment and network system, servor node and communication path building method
JP2009055402A (en) * 2007-08-28 2009-03-12 Kddi Corp Key generation device, terminal device, storage server, and computer program

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104488301A (en) * 2012-06-28 2015-04-01 高通股份有限公司 Method and apparatus for restricting access to a wireless system
CN105184180A (en) * 2014-06-12 2015-12-23 联想(北京)有限公司 Method and device for document processing

Also Published As

Publication number Publication date
US20120121089A1 (en) 2012-05-17
US9204297B2 (en) 2015-12-01
EP2464050A1 (en) 2012-06-13
RU2536364C2 (en) 2014-12-20
EP2464050A4 (en) 2013-05-01
JP5446566B2 (en) 2014-03-19
WO2011016349A1 (en) 2011-02-10
IN2012DN00774A (en) 2015-06-26
EP2464050B1 (en) 2016-08-31
RU2012103174A (en) 2013-08-10
JP2011040909A (en) 2011-02-24
US20140050323A1 (en) 2014-02-20
US8611538B2 (en) 2013-12-17
BR112012002306A2 (en) 2016-05-31

Similar Documents

Publication Publication Date Title
CN102474666A (en) Information processing device, information processing method, operation terminal, and information processing system
EP2034780B1 (en) System, method, and apparatus for on-demand limited security credentials in wireless and other communication networks
CN102075930B (en) Management frames for wireless network sets up device, the system and method for priority
US8516252B2 (en) Method and apparatus for authenticating a sensor node in a sensor network
US20070150720A1 (en) Method and apparatus for transmitting message to wireless devices that are classified into groups
US8522029B2 (en) Secret-key exchange for wireless and sensor networks
CN101771992B (en) Method, equipment and system for protection of confidentiality of international mobile subscriber identifier IMSI
Hu et al. Covert communications without channel state information at receiver in IoT systems
US10194392B2 (en) Terminal device, wireless device wirelessly communicating with the same, and wireless communication system including the terminal device and wireless device
WO2009016371A1 (en) Identification and authentication of devices in a network
KR100856408B1 (en) Apparatus and method for transmitting data
CN104641590A (en) Discovery and secure transfer of user interest data
Xu et al. Opportunistic relay selection improves reliability–reliability tradeoff and security–reliability tradeoff in random cognitive radio networks
US20030221098A1 (en) Method for automatically updating a network ciphering key
JP5509802B2 (en) Wireless communication system, wireless communication apparatus, wireless communication method, and program
Kang et al. Security‐oriented distributed access selection for D2D underlaying cellular networks
WO2019138850A1 (en) Information processing device, information processing method, information processing program, and electronic device
CN102487505A (en) Access authentication method of sensor node, apparatus thereof and system thereof
KR20060045669A (en) Method for managing communication security in wireless network and apparatus for the same
Nguyen et al. On secrecy analysis of UAV-enabled relaying NOMA systems with RF energy harvesting
Taresh Proposed Lightweight Protocol for IoT Authentication
CN114040366B (en) Bluetooth connection encryption method with high network communication security
CN109068324B (en) Identity authentication system and identity authentication method based on NB-iot module
KR101508073B1 (en) Method for access of device in zigbee network and apparatus therefor
CN113613246A (en) Communication data transmission method and device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned

Effective date of abandoning: 20151209

C20 Patent right or utility model deemed to be abandoned or is abandoned